Cloud Servers

Have Feedback?

SSH - "REMOTE HOST IDENTIFICATION HAS CHANGED"

Last updated on: 2015-12-29

Authored by: Rackspace Support

The first time you try to connect to a newly-rebuilt Cloud Server, you
may be greeted with a message similar to the following:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx.
Please contact your system administrator.
Add correct host key in /home/scott/.ssh/known_hosts to get rid of this message.
Offending key in /home/scott/.ssh/known_hosts:15
RSA host key for 1.2.3.4 has changed and you have requested strict checking.
Host key verification failed.

It may seem alarming to the unaware, but in this case it is harmless.
The RSA key on your Cloud Server was changed when you rebuilt it, and
your SSH client is simply trying to warn you that (it thinks) the
discrepancy may be fault of an attacker. Please note that if you see
this message at any other time, you should not enter your credentials
and should investigate further.

The first line tells you the file name and the line number of the old
key; in this case, you could simply open up the .ssh/known_hosts file
in your favorite editor and delete line 15 to resolve the issue.
Alternatively, you could run this Linux command…

sed -i '/1.2.3.4/d' /home/scott/.ssh/known_hosts

… replacing the IP and pathname as appropriate.

The next time you attempt to log in, SSH should tell you that the host
key is unknown and ask if you want to connect and save the new key.